DoD confirms computer virus in networks

[308Mike]

Linkarooni

DoD confirms computer virus in networks

By William H. McMichael and Bruce Rolfsen - Staff writers
Posted : Friday Nov 21, 2008 14:16:45 EST

The Defense Department confirmed Friday that a virus has infected some of its computer networks but declined to identify the infection, say whether it was a direct attack on the networks or confirm published directives that ban the use of portable storage media such as thumb drives.

“We are aware of a global virus for which there are some public alerts,” said Bryan Whitman, Pentagon spokesman. “And we’ve seen some of this on our networks. We’re taking steps to identify and mitigate the virus.”

Whitman wouldn’t characterize the infection further except to call it a “global issue” that also is affecting worldwide networks outside the Defense Department.

More of this story..............

[Steamforger]

Next thing you know f@#$%^g Skynet is online and the automatons of death are running rampant. Hysteria abounds. Obama makes a speech to calm the nation during which a hunter-killer grazes both of his ears in several different locations. It was aiming for more vital areas, but it's targeting software repeatedly kept locking onto "all that canvas". (seriously, I bet if you stood Obama on water skis, in a stiff breeze he could make 15 knots.)

Hillary declares Skynet a running mate for 2012 while accepting a current posting as Secretary of State. Bill is unavailable for comment as he has locked himself and a harem in a bomb shelter under the White House.

The GOP, in the meantime, continue to "reach across the aisle" to the machines in an effort strangle themselves just a little bit more slowly.


It would seem I'm feeling a bit snarky this afternoon.

[308Mike]

We've certainly been getting plenty of panicky emails from the Navy about USB devices, here's a sample:

In response to recent tasking, the following actions MUST be taken and reported to Information Assurance ASAP:

Confirm that ALL USB storage devices to include the following items are disconnected from ALL Navy networks, LANs, and standalone systems:

1. Thumb drives
2. External Hard Disk Drives
3. Memory sticks
4. Camera flash memory cards
5. Read/write CD burners
6. Any other USB storage device not on this list

BlackBerries and USB keyboards ARE allowed.

Items 1-6 are banned from ALL Navy networks until further notice.

Please respond to this email with confirmation that all USB devices have been disconnected immediately. All reporting must come from the IAO for reporting purposes. Reports received from anyone other than the IAOs will not be accepted. Please coordinate with your respective departments, divisions, labs, and work centers for compliance.

[mekender]

any good sysadmin could have prevented this problem in a single 8 hour work day

[mekender]

http://www.foxnews.com/politics/2008/11 ... ome-china/

The cyber attack on the Department of Defense that has led to a ban on the use of external hardware devices could have come from a number of foreign countries, possibly Russia, though the military is dismissing earlier reports that China was the source of the threat.

FOX News learned that a Navy rear admiral outside the Pentagon, in a briefing to his staff on Thursday, characterized the virus as a coordinated attack that was strategically timed to hit between the Nov. 4 presidential election and Inauguration Day, Jan. 20.

He described how a service member with access to classified information inadvertently loaded the virus onto his computer via a flash drive. As a result, he no longer knows where the computer's sensitive information is being stored.

sounds like an IT policy that wasnt implemented properly.

[Drone 7 of lots more]

Gee, I guess a little more effort expending towards dealing with actual threats and a little less time spent pissing about blocking access to the gun counter might have been beneficial?


I did point out to our sysweenies at the AF base I was at at the time that our USB ports were loaded guns aimed at the networks back around 2002 or so. They just laughed and said not to worry... yeah, right. But they were able to successfully keep me from accessing a 'malicious hate site', The Gun Thing, iirc, or it's predecessor.

[Rich Jordan]

This just in: Department of Defense accidentally substituted petri dishes filled with agar and nutrients in place of its computer hardware and real operating systems; now shocked at nasty things growing in them.

Talk about low security standards.

[Dedicated_Dad]

Several years ago there was a "slurper" that had been P.O.C'd. It ran on IPods, Crackberrys and other similar devices... In sum, it looked on every storage resource available to the logged-on user for certain patterns which indicated SS#'s, CC#'s, etc. Whatever it found, it copied onto the device. It would then try to "phone home" - to china, singapore, et al -- and pass along the goodies it found.

All of my bank and medical (IOW SOx and HIPAA-liable) clients were strongly advised to rigidly control USB ports. I stayed busy for quite a while rolling out these techno-fixes, ensuring that only "approved" devices could be connected and blocking this sort of malware.

Mekender is close - I can't agree with "8 hours" but it certainly is doable with relative ease...

DD

PS: Some went way overboard. If you block everything the user can still pull up a doc and snap a pic of the monitor with a cell-phone. You have to trust your users, but not necessarily their toys.